Category: External Storage

As promised in the first blog post about the Nextcloud App Ecosystem, here comes the second one about all the official Nextcloud Apps that are disabled by default.

To understand the different types of apps better, I would categorize them as following so far:

Official Nextcloud app:
A Nextcloud app is called official when it’s developed/maintained by Nextcloud GmbH and shipped in the Nextcloud server package. Some official apps are enabled.

Approved Nextcloud app
A Nextcloud App is called approved when it comes from a third party entity and is shipped in the Nextcloud server package.

Apps from the Nextcloud app store.
In Nextcloud version 11, an app store will be integrated. I don’t know yet how these apps will be called in the future.

This blog post covers official Nextcloud apps which are disabled by default:

Default encryption module

External sites

External storage support

External user support

File access control

Files automated tagging

Gallery

LDAP user and group backend

Retention

SAML authentication

If you just read the names and you are not familiar with the Nextcloud project you might struggling to understand what these apps are for, why they are not enabled and whether it is a good or a bad idea to enable them. I’ll go through these apps, provide a short description and, if possible a common use case and some screenshots.

Default encryption module

I’m not sure why this package is called a module, it should be called an app, an official app!

As you may assume this app is about security. After enabling the app and server-side encryption in the administration settings, all your new uploaded files will be encrypted based on AES 256 keys (How secure are AES-256 encrypted files?), the app won’t touch existing files.Attention: It is not possible to disable the encryption again and switch back to an unencrypted system!
Please read the documentation to know all implications before you decide to enable server-side encryption.

Enable server-side encryption

External sites

This app allows an administrator to add links in the Nextcloud web interface apps menu that points to an external website. For a user, the external site appears in an iframe as if it’s part of the Nextcoud installation.

External Sites – ConfigurationExternal website in an iframe

External storage support

The external storage support app enables administrators to configure connections to external storage providers (FTP , Amazon S3, SWIFT object stores, Google Drive, Dropbox, other Nextcloud servers, WebDAV servers, and more). Administrators can choose which types of storage to enable and can mount these storage locations for a user, a group, or the entire system. The screenshot shows an example with external storage via SFTP.

External Storage Configuration

Users will see a new folder appearing in their root Nextcloud directory, which they can access and use it like any other Nextcloud folder.

External Storage in Files

External user support

This app authenticates user login against FTP, IMAP or SMB. Passwords are not stored locally and authentication always happens against the remote server. There is no graphical user interface for configuration. You have to add parameters to the configuration file config.php.
Have a look at the documentation.

File access control

This app controls the access to files. It can be used e.g. in relationship with the two factor authentication app (an approved app – TOTP TwoFactor (Google Authenticator)) because it’s necessary to protect the keys. I’ll cover this topic in a separate blog post.
Meanwhile, have a look at Joas blog post on Nextcloud.com – File Access Control – A firewall for your private files in Nextcloud.

Files automated tagging

The app automatically assigns tags to newly uploaded files based on conditions. Combined with Files Access Control App and Retention App it’s possible to create workflows like

converting document file types to PDF upon upload by members of a specified group

emailing files put in a specified folder with a given tag to a given mail address.

Conclusion

The official but not enabled apps are often covering special use cases like the whole authentication and workflow handling. Even if these are not “main stream use cases” it’s important and crucial to know that these solutions exist for using Nextcloud efficiently in your company!

tl;dr: The Nextcloud 10 server package comes with several official apps that are not all enabled by default but awesome!